Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SAP Sybase SQL Anywhere 16.0 » SQL Anywhere Server - Database Administration » User and database security


User security (roles and privileges)

SQL Anywhere provides a role-based access control model for the execution of privileged operations. A role-based security model provides complete control and granularity for the privileges you want to grant to users. Each privileged operation a user can perform in the database requires one or more system privilege or object-level privilege.

A system privilege is a right to perform an authorized database task. For example, the CREATE TABLE system privilege allows a user to create self-owned tables.

An object-level privilege is a right to perform an authorized task on a specified object. For example, having ALTER privileges on TableA allows a user to alter that table, but not other tables.

A role is a collection of one or more system privileges, object-level privileges, or roles. You can grant roles to other roles to create a role hierarchy. Granting a role to a user is equivalent to granting the user the underlying system privileges for the role.

Each new or migrated SQL Anywhere database includes a predefined set of roles you can use to get started. These system roles act as a starting point for implementing role-based security.


If you are a pre-16.0 SQL Anywhere customer, it is recommended that you review these sections on how the security model has changed from the authority/permission/group model to the role/privilege/user-extended role model: Upgrading to role-based security.

 See also

Inheritance of roles and privileges
Plan and implement a role-based security hierarchy
Ownership of nested objects
Tutorial: Granting roles and privileges (Sybase Central)
Tutorial: Granting roles and privileges (SQL)
Upgrading to role-based security